Preventing home network intrusions

Good morning. I need to tighten the security on my Linksys EA4500 router. I have been seeing different cell phones listed on my Network in File Explorer.

I am using WPA/WPA2 Mixed Personal encryption. Obviously, my password was not tough enough. Knowing most of my neighbors and their technical abilities, I didn’t think that I needed a Fort Knox password. Wrong.

In my research I have read that hiding the SSID is worthless (even if I could- not possible on this router), MAC address filtering is not worth the effort if someone technically sophisticated is intent upon breaking into a network.

I will change my router password and WPA2 passphrase today. I have turned off guest access to the network.

Regarding the wireless network itself, there isn't much more that you can do. With WPA2 and a good, long password, you should be fine. Regarding access to your networked computers, I would disable any sharing that is not password protected. If you run a software firewall, make sure you only allow known devices to have access to your computer.

To determine whether or not your router is accessible from the outside (an external IP address)
--- Find out your IP address when you are online go to http://www.whatismyip.com/
--- Visit http://dnstools.com/ and choose option check port 80, put in your IP address you just found & click Go
--- If you get connected successfully to port 80 then your router is accessible from the outside and you need to change your settings

To determine whether or not your router is accessible from the outside (an external IP address)
--- Find out your IP address when you are online go to http://www.whatismyip.com/
--- Visit http://dnstools.com/ and choose option check port 80, put in your IP address you just found & click Go
--- If you get connected successfully to port 80 then your router is accessible from the outside and you need to change your settings

There are far more ports than just port 80! That is the HTTP port to access a web server. If that that port is open and the OP doesn't knowingly have a website running within their network then it is a cause for concern.

I just ran the tests at grc.com and it was good to see so many stealth reports
--- One failure I got is on the Ping Reply
--- Since I don't do file & printer services I need to review the Network Bondage section which I will do because I want to understand what's going on
Thanks again

Rather than hide your SSID, you can give it a nondescript name, such as "football fan", something that will prevent people from knowing that it is you. This won't actually keep anyone out, but it will deter those who are looking specifically for your router -- it will keep them from knowing that it is you.

The Following User Says Thank You to mrjimphelps For This Useful Post:

Firstly, if you hide the SSID then instead of the router broadcasting that the SSID exists only around your home, your laptop will broadcast a request to see if the SSID is available wherever it is located.

Secondly, with an appropriate program on their phone (WiFi Analyser for Android for instance) I think that they can find the SSID anyway.

As previous people have said, use WPA2 (rather than WPA or WEP which were good(-ish) in their time but can be hacked easily these days) with a strong password (since you only need to enter this password very rarely). On my router I use WPA2 with a 25+ character password with upper and lower case characters, numbers and symbols.

(And whilst we are at it, it is probably worth using WiFi Analyser or similar to see what channels other routers are operating on around you, and select the best channel for your own router to operate on.)

On the router's login screen it is important, as another poster already said, to change the user name to something other than "admin" because any good hacker knows that's the standard user name on most routers. Of course, you should also put in a good password here.

And, turning off WPS (Wi-fi Protected Setup) is important because hackers have found ways to exploit that, too.

There's a turn-around area on our side street where cars sometimes pull up and park for a while. i've walked by and seen drivers using a laptop or tablet. A few times they quickly put down the laptop and drove away when they saw me. Gee, do you think they may have been trying to piggy-back on our wireless router? Or our neighbors? Or maybe hack in and steal data? Maybe so, but with a long, strong WPA-2 passphrase and the router's login safely changed and WPS off .... well they will be there all day trying to hack into that!